2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
# File 'lib/msf/core/db_manager/import/nessus/xml/v1.rb', line 2
def import_nessus_xml(args={}, &block)
data = args[:data]
wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
doc = rexmlify(data)
doc.elements.each('/NessusClientData/Report/ReportHost') do |host|
hobj = nil
addr = nil
hname = nil
os = nil
host.elements.each('ReportItem') do |item|
next unless item.elements['pluginID'].text == "12053"
addr = item.elements['data'].text.match(/([0-9\x2e]+) resolves as/n)[1]
hname = host.elements['HostName'].text
end
addr ||= host.elements['HostName'].text
next unless ipv46_validator(addr) if bl.include? addr
next
else
yield(:address,addr) if block
end
hinfo = {
:workspace => wspace,
:host => addr,
:task => args[:task]
}
hinfo.merge!(:name => hname.to_s.strip) if hname
hobj = msf_import_host(hinfo)
report_import_note(wspace,hobj)
os ||= host.elements["os_name"]
if os
msf_import_note(
:workspace => wspace,
:task => args[:task],
:host => hobj,
:type => 'host.os.nessus_fingerprint',
:data => {
:os => os.text.to_s.strip
}
)
end
host.elements.each('ReportItem') do |item|
nasl = item.elements['pluginID'].text
plugin_name = item.elements['pluginName'].text
port = item.elements['port'].text
data = item.elements['data'].text
severity = item.elements['severity'].text
handle_nessus(wspace, hobj, port, nasl, plugin_name, severity, data, args[:task])
end
end
end
|